Here's the page we think you wanted. See search results instead:

Kodi Create Playlist Persistent Cross-Site Scripting (XSS)

Strike ID:
E18-0psv1
CVSS:
6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
False Positive:
f
Variants:
3
Year:
2018

Description

This strike exploits a cross-site scripting vulnerability in Kodi Media Player software. This vulnerability is due to inadequate input filtering in the web interface, while creating a new playlist. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8831

References

http://seclists.org/fulldisclosure/2018/Apr/36